Keep Your Mac Safe For Free (On the Net) Part 2

In last week’s blog entry (http://wp.me/p2J68t-u), we discussed these “free” ways to keep your Mac safe: Keep the Mac OS X up to date, turn “off” Java, adjust settings in Adobe Flash Player, install an anti-virus program, set up your built-in firewall, and password protection. This week, we’ll discuss how to keep your Mac safe while on the Internet.

Surfing the Net, and Privacy Issues go hand-in-hand.

Every time you go to a website, you are providing information about “YOU”. Often, even after you leave the site, you are being tracked by a “cookie” that was installed on your computer. Your buying habits are being stored and reviewed. The websites you go to are monitoring you and collecting data about you. Finally, there is always malicious software that can attack your computer just by visiting a site (most recently the FlashBack Trojan). The very first step to surfing the net safely is to educate yourself, and anyone else in your family/business that uses a computer on what hazards are “out there” on the net, and how to avoid them. I urge you to visit this URL: http://www.privacyalliance.org/surf-safely.html The data mentioned here is an “eye-opener”.

Here are some tools that will help you:

The Browser.

There are a number of good browsers available now for the Mac. On their own, none are safe, but you can make them safer. For example, in Firefox (Tools>Add-0ns>Extensions), Safari, Google Chrome, Opera, and Internet Explorer, you can install a plug-in called Ghostery. This piece of software keeps you safe by detecting web bugs, tags, pixels, and beacons that are found on web pages that are used to find out about your online behavior. Not only does Ghostery detect them, it blocks them too. Another feature on most popular browsers is a Privacy Mode, or Private Browsing. This is not a plug-in, but a configuration option already available in the browser. In this mode, the browser does not store in its cache any browsing history, images, passwords, etc. The lack of a “foot print” makes it difficult for anyone else using your computer to know where you have gone.

Proxies.

The are a number of reasons for using a proxy server, but the main reason is simply to hide your IP address. In a sense, you have a different identity on the net while you an anonymous proxie. There are a number of ways to accomplish this by using: Web based proxies, Direct proxies, Software based proxies, and Anonymous Proxy Networks. A very good explanation of each can be found at: http://www.delete-computer-history.com/anonymous-proxy.html My favorite is an anonymous proxy network called TOR. The following is from the publisher’s description (Electronic Frontier Foundation, https://www.eff.org/).

Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.

Tor protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.

Hundreds of thousands of people around the world use Tor for a wide variety of reasons: journalists and bloggers, human rights workers, law enforcement officers, soldiers, corporations, citizens of repressive regimes, and just ordinary citizens. See the Who Uses Tor? page for examples of typical Tor users. See the overview page for a more detailed explanation of what Tor does, and why this diversity of users is important. Tor doesn’t magically encrypt all of your Internet activities, though. You should understand what Tor does and does not do for you.

You need to know that none of the proxies are 100% effective in hiding you, but in my opinion, Tor is head and shoulders above the rest in the way it randomly routes through its network. Tor can be downloaded in two flavors: The Vidalia bundle, and the Tor Browser. In the former, a button on your browser gets you into the Tor network. In the later, you use a modified Firefox browser and once, opened you are automatically in the Tor network. Tor seems to be transitioning to the Tor browser, and unfortunately both options now are “buggy”. Try the browser, if it doesn’t work, simply drag it to your trash. Keep an eye on this solution, because once they get the bugs out of it, and they will, it will be a great privacy tool to use when surfing the web. To find out more about Tor, and get the software needed to run it, please go to: https://www.torproject.org/docs/tor-doc-osx.html.en

(Author’s note: Several weeks after I wrote this article, the Tor Bundle was updated. I have used it for months now, and have had no issues. This is a great piece of software.)

Summary:

In this article are some simple, basic, free tips and tools to keep your trips on the net safer. Remember, there is nothing better than exercising some good common sense. Be careful and have fun.

Sidebar:

Though discussing this software is “off topic” for this document, it is mentioned because this piece of software should be an important part of your security arsenal: TrueCrypt. The program creates an encrypted volume on your hard drive that can only be opened by a password/keyfile. It is simple to set up, and has its own graphic user interface to make it easier to use and manage. The following is an excerpt from their User Guide:

TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data is automatically encrypted or decrypted right before is loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc).

Files can be copied to and from a mounted TrueCrypt volume just like they are copied to/from any normal disk (for example, by simple drag-and-drop operations). Files are automatically being decrypted on-the-fly (in memory/RAM) while they are being read or copied from an encrypted TrueCrypt volume. Similarly, files that are being written or copied to the TrueCrypt volume are automatically being encrypted on-the-fly (right before they are written to the disk) in RAM. Note that this does not mean that the whole file that is to be encrypted/decrypted must be stored in RAM before it can be encrypted/decrypted. There are no extra memory (RAM) requirements for TrueCrypt. For an illustration of how this is accomplished, see the following paragraph.

Let’s suppose that there is an .avi video file stored on a TrueCrypt volume (therefore, the video file is entirely encrypted). The user provides the correct password (and/or keyfile) and mounts (opens) the TrueCrypt volume. When the user double clicks the icon of the video file, the operating system launches the application associated with the file type – typically a media player. The media player then begins loading a small initial portion of the video file from the TrueCrypt-encrypted volume to RAM (memory) in order to play it. While the portion is being loaded, TrueCrypt is automatically decrypting it (in RAM). The decrypted portion of the video (stored in RAM) is then played by the media player. While this portion is being played, the media player begins loading next small portion of the video file from the TrueCrypt-encrypted volume to RAM (memory) and the process repeats. This process is called on-the-fly encryption/decryption and it works for all file types, not only for video files.

Note that TrueCrypt never saves any decrypted data to a disk – it only stores them temporarily in RAM (memory). Even when the volume is mounted, data stored in the volume is still encrypted. When you restart Windows or turn off your computer, the volume will be dismounted and files stored in it will be inaccessible (and encrypted). Even when power supply is suddenly interrupted (without proper system shut down), files stored in the volume are inaccessible (and encrypted). To make them accessible again, you have to mount the volume (and provide the correct password and/or keyfile).

With TrueCrypt you can take files you want to keep secure (tax information, credit card information, checking account data, private letters, etc) and place them in an encrypted container on your hard drive. Once your password or keyfile is entered, you have access to the data, just like you did when it was visible on the hard drive. You can choose between a visible container, and a “hidden” one. Should someone “hack” your Mac, it will be very very very difficult for them to access your encrypted container, assuming they can find it in the first place. You can obtain more information, and the program itself from: http://www.truecrypt.org/